A hike in the volume of spammed messages that pretend to come for the messaging service Viber. Viber is a messaging app which is available for almost every platform that allows users to make free calls and send messages.The spam starts when victim receives a voice mail.
Mobile users sometimes redirects to a streaming site or registration site.For example,site covertly charges the credit card number users must give during registration.Some users were redirected to the site by clicking a "Flash Player" update advertisement.
Android users sometimes redirected to Go launcher app on the play store.Redirections based on platform are not limited to official app stores.Android users who click the link were sometimes redirected to what appears to be a blank page. After checking the source code of the page, we found that it contains links that lead to a URL with an .APK file, detected as ANDROIDOS_PAWEN.HBT.
This app contains links to various adult sites. In addition, it also monitors the user’s incoming and outgoing calls, taking note of any numbers and sending it to a URL hardcoded in the app. The purpose of these URLs is patently clear from their URLs:
- http://{malicious domain}/scripts/app_tracking_manager.php
- http://{malicious domain}/scripts/app_call_tracking_manager.php
Apple users were redirected to a Chinese gaming app on the iTunes site.Both Golauncher and gaming app are not malicious. Sometimes users redirected to adult website.
Precautions
Messaging services are a common social engineering lure for attacks such as this one. Perhaps what makes this one more plausible than others is that Viber does have a desktop client. For users who receive the email, it wouldn’t be a far stretch for a recipient to assume that the voice mail exists.We advise users to be cautious when opening emails. Emails can be easily spoofed by spammers and other cybercrooks. Clicking links in emails should be avoided as much as possible. It’s far better for users to directly type the URL of the site on the address bar than rely on the embedded link.
Post a Comment
EmoticonClick to see the code!
To insert emoticon you must added at least one space before the code.